First of all, to make sure you all aren't
convinced this is all a waste
of time (Posted on rec.humor.funny):

That honesty is the best policy was driven home to me a couple of days
ago, when I went to the butcher's shop late in the day. A wizened old
lady wanted to buy a lamb roast, so he'd pulled one out, weighed it,
and told her, "That'll be $13.45, please."

"Too small, I'm afraid. Do you have a larger one?"

The butcher picked up the roast, went out to the back room, waited a
while (it was obviously the last one he had in stock), and came back.
"This one should be better. It's $15.20."

I was just about to explode in protest, when I saw the old lady give
him a sly grin. "Thank you. That's perfect. I'll take both."

While not having anything to do with spamming, I think this little anecdote
sets the tone for this page in the sense that (1) Spammers are always trying
to con you (2) There are ways to exact retribution by
burning spammers with their own trick.

What is spam?

Spam includes internet based telemarketing, sending unsolicited batch emails, cross posting off topic commercials or other materials to the USENET, or otherwise abusing the internet's facilities, to send unwanted messages to
huge volumes of people. Most people who try to interact on the internet in
any non-passive way will encounter spam.

In the old days (before 1996), this sort of thing was limited to one off
pranks or newbie idiocy usually limited to USENET where it can be controlled
to some degree. But with the explosion of the internet, over anxious telemarketers are redefining the concept of abuse, bad taste and invasion of
privacy through spam. Batched email commercials for products you would normally hear about in an infommercial (essentially, junk email) is currently the method of choice for today's spam instigator.

Most people find spam annoying and also end up paying for connection time just
to receive spam. While my employer absorbs the cost, I am one of the "annoyed"
people, who receives a lot of unwanted spam. I am fed up! This page is about
how to counter act spamming. I am willing to invest some time into counter
acting spamming in general, and if anyone else has any better suggestions, feel
free to tell me about them.

In case you are wondering how most people
in general feel about this take an online poll on News.com which tallied up
whether or not people think unsolicited email should be illegal, concluded
that 84% thought it should be illegal. I'm sure the 16% that thought it was
all right are composed primarily of perpetrators and people who have not yet
been hit by massive email spam and can't imagine what's so wrong about it.

I have a personal definition that I am
fairly comfortable using:

Spam is any email sent to you under a premise that you have not invited the
sender to contact you about. That is to say, you must in some sense open
yourself to the conversation before such solicitation is acceptable.

For USENET postings, this is extended by saying postings made to a newsgroup
which the vast majority consider to be off topic (as described by the
newsgroup charter) and/or a waste of bandwidth.

Here are some email examples:

Out of the blue one day I received mail from McAffee about their virus
detection products. This is spam since I have never invited anyone to discuss
viruses with me in conjunction with trying to sell me a virus detection
product. This mail was spam. (McAffee is a very disreputable company
known for spreading false virus warnings in an attempt to sell their product.)

Out of the blue one day I received mail from SciTech Software about
their latest graphics driver products. I have established a relationship with
SciTech and two of the employees as well as having a keen interest in graphics
drivers (that is what I do for a living.) This relationship was established in
public forums such as the USENET and a conference (CGDC.) I also work for a
company that has a relationship with SciTech. This mail is not spam.

In both cases the sender had a simple mechanism for determining whether or not
what they were sending was spam or not. Basically, the question simply comes
down to whether or not there was already an established relationship.

Similarly speaking, as I make public postings to the USENET and author several
public web pages, I essentially have established a one way relationship with
anyone wishing to discuss such topics with me. But not to simply take my email
address and start up any old conversation with me; that's spam. Recruiting
firms giving me random job offers based on my skills/reputation also falls
under the terms of spam since the recruiting firms themselves do not open a
direct discussion on such topics. They just want to talk about jobs, not
assembly or graphics. (The only time I feel I should be talking to somebody's
representative is when I am in a court of law, not on the internet.)

How do they do it?

The easiest way to spam is to cross-post a commercial on the USENET. Given its
growing size, such posts can cost the internet tens to hundreds of thousands of
dollars just to propagate the unwanted message to everyone. Although cancelbots (automated agents that put a stop to such posts early on) do exist, they are automated, and hence have very unaggressive rules for identifying spam (otherwise it may inadvertently cancel somebody's legitimate post.) This form
of spamming, tends to be the least effective, as people usually quickly learn
to recognize and ignore such posts very quickly.

The most typical spam/scam posted to the USENET is the
pyramid scheme, get rich quick scam. It basically starts up an exponent flow of
money, without ever selling a product or service, and the goal is to be at the
receiving end of the flow of money. The reason it doesn't work is that the
total money remains constant, and is really just shuffling around (with most of
it going to the instigator and the handful of early adopters, all of whom can
be charged with fraud in a court of law.) It lures people in based on the same
false premise as any lottery system. Unlike lottery systems, however, there is
no government control, clearly posted rules, or even an honest business
establishment backing it up.

Another typical scam is to use bait and
switch tactics. This is when a telemarketer has set up their scam
on a web page somewhere, that you would not ordinarily run into (unless you
were just randomly clicking on link exchange banners.) They post one
thing, that seems either very interesting or on topic for the particular
newsgroup, with a link to their page. Of course, once you click on their
site, they can try to sell you anything they like. Spammers are not
above trying anything. One spammer I saw posted something to the effect
of "Ok, since there has been so much demand I'll just post the URL:" without
ever having giving any sort of prelude to what they are talking about (they
were not referring to any previous discussion of course, just feed off
people's curiosity and mob mentality.)

Batch emailing (or email bombing) is a
somewhat more sophisticated, but far more effective way that
telemarketers have picked up and it threatens to ruin the internet.
Basically, the spammer accumulates a list of valid email addresses. The
easiest way to do that is to download an entire USENET feed and scan for email
addresses. An alternative way to harvest for email addresses is to use a
"search engine" to scan email addresses from people's web pages, including
their "guest books", and finally, popular web pages which get you to input
your email address in some form somewhere can easily accumulate a list.
They then simply write a simple program to send a copy of their commercial to
each of the email addresses. Of course, there would be little point of
doing this, unless they were able to hook some percentage of those email
targets into their scam. This requires that they have some way for
you to respond to them.

The amateur or beginner email spammers
will tend to just supply a return email address to "get more information".
These spammers tend to lose their accounts rather quickly (enough of their
targets are usually savvy enough to complain to the right people, to help get
this done.) If the scam is pyramid scheme in nature, alerting the post office
will help bring the offender up on charges.

The hard core telemarketers who have a
skilled programmer on staff will be able to do much more to protect
themselves. They can use a mail relay sympathetic to the cause of
spammers that will hide the originating IP address as well as
faking all the regular header fields of the email. For all
intents and purposes it is possible for the real originator to be
completely shrouded. But at the very least, in all cases, the header
will at least give the last mail relay which did send you the
mail. (And if that relay is legitimate it will at least give the
IP address of the mail originator.) Typically only spammers that
own their own email relay, or buy the service from a sympathetic spammer, can
do this.

The most typical email spammer, though,
will simply use an unsuspecting public email relay. They will provide fake
Reply-To and From fields and have you call some long distance number or send
something to a PO Box to get feedback. These people are traceable because they
leave their IP address in the header. But it requires a little bit of work to
actually track them down. These spammers hope that they can get away with it
for long enough that by the time the appropriate UNIX hackers track them down
and alert the right people, they will have accomplished what they need to
accomplish.

More recently, spammers are using the
tactic of sending their spam at "off hours" (like Sunday night) to spread out
retaliations enough to gain a little extra time before they are tracked down
and shut down.

The scams

On 10/08/97 I received the follow email:

From: holly4554@hotmail.com
Date: Wed, 08 Oct 1997 23:08:20 -0400
Subject: See Ya Tomorrow
X-Sender: holly4554@hotmail.com (Unverified)
To: (Recipient list suppressed)
Hey there, what's going on. I just signed up for this great web
site, and thought you would get a kick out of it. Here is my
password, check it out if you want. The video sex is unreal..
http://xxx.xxx.xxx.xx/teens/
User name= xxxxxx
Password= xxxxx
See you at the golf corse in the morning.
You better not be late this time.......
D
P.S. Tell Kathy to give my wife a call..

Ok, obviously I have no idea who "D" or holly4554@hotmail.com is. The idea of
this SPAM is that its meant to lead me to believe that this email has been
sent to me by mistake. And I'm supposed to say to myself "Wow! Someone has
inadvertently sent me free access to an Adult site that might otherwise cost
me some ungodly sum of money! I should take advantage of this!"

There are plenty of telltale signs that
make this SPAM, not any inadvertent legitimate email message.

To: (Recipient list suppressed) is a typical email list signature

It comes from hotmail.com.

The content: discussion of online sex between people is
obviously fairly rare in comparison to unsolicited email trying to
push it.

Even if the mail was sent erroneously, the chances that they make
a sufficient set of coincidental errors is essentially zero unless the
person knows me. So no matter what this person must have my email
address without my consent.

Reasons 2 through 4 are, by themselves,
sufficient to label the email as SPAM. Reason 1, if you are not
familiar with the sender, is also sufficient. Unfortunately, as
can be seen from the above, its hard to be 100% sure without
wasting the time and effort to read the scam in the first place and
thinking about it for a second. Examples like this should be
convincing evidence of the use of SPAM for the purposes of
fraudulent advertising.

Who
are these people? Are they really so bad?

By personality, scruples and a sense of
who they are, basically these people are the same people who make
infommercials as well as telemarketers with fewer resources (they were
probably abused as children.) Internet spamming is a very cheap,
and very easy way to get a message across to thousands or millions of
unsuspecting people. Because the internet has no laws, and is not
heavily policed, there are no consequences. If they only get a 1%
favorable response, it is good for them; all they have to do is
increase the number of targets they hit with their spam, which costs
them nothing, of course.

These people are used car salesmen. They
are the scum of the earth and they will resort to any tactic to sell
something to you; the slimier the better. They are taking up valuable
internet bandwidth and precious oxygen. They will often try to suck you in,
by being friendly or, put of a facade of being reasonable nice people in
their spam. Don't buy it for a second. If they weren't the lowest scum,
they wouldn't be doing this to you.

As a primary example, many spammers will
offer to remove you from their list contingent upon you sending them a
"remove" email. They are lying. Rather than removing you, they will either
resell your email address to someone else or use it for another list they are
maintaining. If you respond, you are confirming that your address is active,
which is music to their ears. Originally this was just a theory of mine, but
it has been very much confirmed by folks like Paul Vixie and Dave Romerstein.
They both set up some bogus email addresses which had no other activity on
the net other than to log into the so called IEMMC.ORG "take me off
the spam lists" site and ask to be taken off all spam lists. Sure enough
those email addresses, which had no other activity on them whatsoever started
receiving spam.

Signing up for spam blocker lists are a
red herring for several reasons:

The spammers are under no legal obligation to follow them, and
most do not. Even those that do can ignore it at their option and blame it on
technical reasons without recourse. Quite simply you have no reason to trust
them.

It is an email address list, plain and simple. That means people will
master CDs with those lists and sell them as willing spam targets plain and
simple. Burying your head in the sand and somehow believe that such people
don't exist is naive.

.ORG sites are the shortest lived sites due to a lack of monetary
backing. That's why iemmc.org and www.antispam.org are not likely to
be serious. At any given time, accessing them is not a likely
proposition.

Its just meant as a deflection tactic to keep you from getting
angry and retaliating. Don't fall for it. If you feel so inclined,
retaliate.

If you are somehow unconvinced that
spammers are as bad I am making them out to be, you might like
to consider the words of the supreme court of the United State of
America:

"Nothing in the Constitution
compels us to listen to or view any unwanted communication,
whatever its merit.... The ancient concept that 'a man's home is
his castle' into which 'not even the king may enter' has lost none
of its vitality.... We therefore categorically reject the argument
that a vendor has a right under the Constitution or otherwise to
send unwanted material into the home of another. If this
prohibition operates to impede the flow of even valid ideas, the
answer is that no one has a right to press even 'good' ideas on an
unwilling recipient. That we are often 'captives' outside the
sanctuary of the home and subject to objectionable speech and
other sound does not mean we must be captives everywhere.... The
asserted right of a mailer, we repeat, stops at the outer boundary
of every person's domain."

The majority of the community on USENET
are pleasant people with a genuine interest in topical discussion.
Unfortunately, the free speech nature of it tends to precipitate
flame wars (a cascade of posts and responses where a contentious
argument degenerates into childish insults, slander, put downs and name
calling.) There's nothing worse than watching your favorite
newsgroup degrade into something comparable to the British Parliament as
a result of a few thoughtless bad apples who just cannot resist the
temptation to show the world how big they are when they can say
something without saying it to their face. Ignoring these posts is
often hard to do, especially if your news reader is
substandard. So, my best and only recommendation is to get a
good news reader. A good news reader will let you screen out
certain individuals or subjects of discussion with an easily
configured filter. UNIX news readers usually include
this feature, as do the better Windows news readers (Netscape
4.0 and Anawave's Gravity for example.)

Batch email spammers principally rely on
harvesting from some textual internet source in an automated way to get
your email address. So the simplest way to avoid email spam is to avoid
copying your email address anywhere on the internet. This means, either
not posting to USENET, or posting with a fake email address (commonly in
vogue is some simple modification of your email address so that a human
looking at it could figure out the real address, while a computer could
not) and not entering your email address on any WWW forms (like guest
books.) If you have a web page, with CGI access, or a CGI based
remailer of some kind then you can funnel all "mailto" tags to an html
web form (such as mine) that hides your email
address from the text stream while allowing humans to email you or even
see your address.

Since setting up the system above for
rerouting all my email, the amount of spam I receive has reduced
substantially. I used to receive many spam emails per day. It
pissed me off so much, I wrote this web page up as a result! Now I only
receive about one or two a week! (Update: I have recently backed off of
this strategy and watched my spam reception go right back up to an
average of 3-8+ spams a day.)

As I receive spam email, I used to try to
notify all the postmaster and roots that the message that they have a
spammer on their hands and they should not let them get away with it.
But I realized that this just makes matters worse if the
roots/postmasters are sympathetic to the spammer rather than
yourself.

As much of the spam email comes from a
common source, I have build email filters to deal with well known
spammer addresses. I use the free Pegasus email program and
the filters that I have set up (and periodically update) seems to be
able to automatically filter about 50% of all the spam I receive.
Its not perfect, but its a lot better than nothing.

Update: I've recently learned
Pegasus' "regular expression" matching feature and the spam
filtering has risen to nearly 80%! I must really recommend this feature
now. I have also made a copy of my filter in a simple text form that
you can examine here. Please
note that Pegasus uses * and ? in place of the more
standard .* and . (used in the UNIX version of egrep and
Perl.) Also, Pegasus' regular expressions are missing quite a
few regular expression constructs.

The JunkBusters Corporation has
recommended that the following generic notice/warning/offer be sent back
to the spammer.

I do not want to receive
uninvited solicitations by email (``Junk Email''). I am unwilling to receive
Junk Email freely because it costs me time and money. If you send me any Junk
Email other than on the terms of the offer set out in the following nine
points, I will take this to mean that you plan to use what I offered you
without paying for it. If you ever try to do this I reserve my right to take
any action available to me without further reference to you. Actions
available to me include taking proceedings against you for negligence or
breach of contract, which may result in substantial damages being awarded
against you by a court. The unauthorized use of my computing facilities may
even be a crime.

I offer to receive all further email from you on the
terms set out below. If you send me any solicitation by email without my
express prior written consent this will be taken as your acceptance of
this offer.

For the purposes of points 3 and 4, you will be taken to
have sent any email sent by any entity apparently associated with you
for the purpose of sending email solicitations.

You must pay me ten US dollars for each such item of
email that you send me.

You must pay me ten US dollars for each copy of each
email solicitation that you send to anybody or any email address referred
to below, even if you don't send a copy to me. You may also have to
pay other persons as well if they have sent you a similar offer.

I may join with any of those persons for the purpose of
efficiently collecting your payments.

You must mail payment by certified check to me within
five working days of the transmission of the email. If you do not know
where to send payment, you must state this in the email and give me an
easy way to tell you.

Each email item must be uniquely identified, and each
payment must clearly identify the relevant item or items.

You must tell me your name and full business and
residential addresses in each email message.

I may vary the terms of or terminate this offer at any
time (even after you have accepted it). Any new terms will apply to all
email you send after you have been notified of a variation.

The copyright of the above text
is held by Junkbusters Corporation and is used here in accordance with the
GNU General Public License, copies of which are available at
www.junkbusters.com or from the Free Software Foundation, 675 Massachusetts
Avenue, Cambridge, MA 02139, USA.

The above message's main effectiveness is
that it appears to be almost a form letter in nature and is highly
non-personal. This is good because it lets the spammer know that you didn't
take the time to read whatever it was they sent you beyond knowing it for
what it is, and are not interested, nor easily enticed into engaging in any
personal or business contact.

As part of email disclaimers in USENET
postings, I've seen the following message:

========================================================
WARNING: Use of the above Email address for unsolicited
commercial Email or as part of a mailing list for any
purpose, without express consent of the addressee is a
violation of US Law (see below).
Permission to use the above Email address for solicitation
purposes may be granted by the addressee for a fee of
US $1000.00. Use of this address for solicitation or
other purposes constitutes agreement to these terms.
========================================================
"By US Code Title 47, Sec.227(a)(2)(B), a computer/modem/printer
meets the definition of a telephone fax machine. By Sec.227(b)(1)(C),
it is unlawful to send any unsolicited advertisement to such
equipment. By Sec.227(b)(3)(C), a violation of the aforementioned
Section is punishable by action to recover actual monetary loss, or
$500, whichever is greater, for each violation."

While succinct and to the point, it won't
stop automated email address
harvesters and it wont stop the hard core spammer
who will simply ignore you
and use whatever technological means at their
disposal to make tracking them
down a difficult and time consuming proposition.

On the other hand if you were able to use
this as a successful basis for recovering damages from a spammers, it might
be a nice way to supplement your income. I think it would be cool if collection
agencies would get together with anti-spammers and started a small industry
of basically punishing spammers
for money.

How
can I help stop spamming as a general practice?

Ok, time for another joke:

Dear Mr. Jones:

We noticed you've
not picked up any condoms at SpiffyMart recently. (Your last
purchase
was 8 weeks ago.) Further, you have stopped buying feminine hygiene
products,
but have sharply increased your frozen pizza and dinners usage in the
same
time frame.

It's clear that Ms. Jody
Sanders has dumped you. (It's probably for the best - we knew she was a
loser from that cheap shampoo she buys.) We confirmed this with the Post
Office database -- yep, she filed a change of address.

We at Horny International
offer our condolences. As the number-one vender of hot X-rated videos, we'd
like to help you out in this time of stress. If you're feeling lonely, check
out our catalog of both VHS and super 8 tapes.

Order now and we throw in
an extra tape FREE!

Yours Truly;

Sleazy Jerk, Marketing
Manager.

ps: That "blond" at
O'Dougles last Saturday -- you bought her 2nd Strawberry Martini? Forget it!
She's on her third yeast infection in as many months, and is a 'regular' at
Acme Pharmacy. (Her HMO computer gossips with ours.) You never know what else
she might have. Our tapes are LOTS safer!..

I am suggesting you consider the question
of how to stop spamming, not because
I am enforcing moral values as to
how you should react to spam, but rather
because we (the internet community)
will soon have no choice.

Never read the contents of a spam

Nobody can force you to do anything,
and that
includes reading solicitation, and my strong recommendation is
that you don't.
That is fundamentally the ultimate cost to you, and it
is what they first want
out of you. In not reading what they've said,
it keeps you completely neutral
to the contents, which means you can concentrate
any reference to the spam
on the fact that it is nothing more than spam
to you. It usually doesn't
take me more than 3 or 4 lines to know that
an email is SPAM (and often
you can tell just from the subject, or sender's
email address alone.)

While you may be able to see through
their scams now, it is clear that as this form of marketing grows, more
sophisticated and deceptive spam will be sent (like a legit sounding charity
service asking for contribution, that's really just someone's PO box, or
somebody claiming to be an old school friend in need of help/money. Update:
did you get a Diana T-shirt spam? Know what I am talking about now?)

Use mail and usenet filtering to block
common spammers

If your mailer/newsreader does not
support filtering then I suggest you get yourself ones that do. Relatively
speaking, the internet is very cheap for what it does (its a lot cheaper
than long distance, that's for sure!) and I feel that its worth the fixed
cost investment to purchase good tools for using it. The tools I use:
Netscape Communicator 4.0, Pegasus Mail for Win32, and Anawave's
Gravity News reader. (I have not linked them, as I think its entirely
up to you to choose your own tools, and also your onus to find them.)

So far, I've just been accumulating
lists of people/subject matter that I
consider spam of too prevalent a nature
and excluded them through
my Pegasus Mail filters.
Unfortunately, it does not
send any negative feedback to the spammer,
but nobody can be expected to
respond to every piece of junk email sent
their way.

Designing a mail filter to ferret
out spam.
For me this has been an
interactive process. I have found that there are
a few clever things that go
a long way to nailing spam. Below is a list
of simple filter rules that will
do a lot of the work:

If in the body of the message
you find to be
removed from future mail, that is a nail on the head
sure sign of
spam.

Mail coming from certain sites
such as hotmail, earthlink, juno, nevwest, cyberpromo, savetrees are
obvious targets and should be added to your mail filter. (Update: hotmail has
gotten better, in that it does not condone spamming, but there is little
evidence they have pursued people for faking hotmail addresses for the
purposes of fraud or spam. That is to say a fair percentage of spam still
does appear to come from @hotmail.com addresses, but did not actually originate
from hotmail.com so filtering is still effective so long as you don't care
to receive mail from hotmail members.)

User names such as money@,
freestuff@,
guarranteedcash@ and so on should be added as you run into
them.

Subject with "supplement your
income",
"guarantee", "$50,000", should be entered into your filter.

For phrases in the body of the
mail: "This is
not a pyramid scheme", and "this is not illegal!" are telltale
signs of
spam.

The special header strings X-Advertisement,
iemmc.org.

The question then is where should
you target this filtered email? Because filtering your email can be a little
risky, just sending to the garbage bin may not be such a great idea. I
personally send them to a "spam folder". I use this spam folder as a source
of spammer email addresses that I use in some of the offensive tactics listed
below. In the case of hotmail, though, I simply forward any mail I receive
from their site to abuse@hotmail.com.

In collecting spam, I have found
the following interesting statistics that can help you design a spam
filter:

About 10% of all spam contains
nevwest.com in its header, but nearly all of it has other telltale
signs that it is spam. This is the worst spam site (and best guarantee that
the mail has only spam content) followed by, hotmail.com (a close
second), cyberpromo.com, public.com, savetrees.com,
juno.com and earthlink.net in that order. Of course, I've heard
that cyberpromo, savetrees and nevwest are really all just
cyberpromo in one form or another, which obviously makes cyberpromo far and
away the number one spam domain. (Update: Even with hotmail's anti-spam
policy, these statistics have not changed.)

The next most definite
determination that something is spam is a From address which is nothing but
numerals leading up to or starting from the @ sign, or else an address with
nothing but numbers ending in @aol.com. Another 20% of spam can be
determined by this.

Email that addresses you as
Dear Friend or you@ have the highest probability of
having no other telltale signs that they are spam, and by themselves
are enough to identify spam.

Among contextual filters,
looking for telltale phrases referring to bulk email, mailing
lists, or bulk emailing software is the most likely to occur
in spam.

At least 75% of all spam has
multiple "spam marks" (phrases or header tags which does not appear in
regular email) that identifies it as spam.

Despite claims by some spam
domains about promoting "responsible UCE" less than 25% of all spam is
distributed with the X-Advertisement header tag. Less 4% of all spam
contains a pointer to iemmc.org, the supposed "spam block list".
(Update: iemmc.org no longer exists but the statistics were true right
up to the point of its ceasing to exist, and the X-Advertisement
header string usage has dropped to 0%.)

If you have a programmer's flair,
or know a little about regular expressions, then you will find this even more
useful. For example, some useful UNIX regular expressions are:

\$\W*([0-9,]{1,}|[0-9,]+\.[0-9]{2,2})

Money

.*make \$+\W*[0-9,.]+.*in.*[0-9]+\W*(day|week)s.*

make money in short time

([Ff]rom|[Tt]o):?\W*[0-9]+@[0-9]+.com.*

Bogus numeric email addresses

If your filtering system supports
a form of regular expressions, you will find them more effective than looking
for specific strings.

On USENET, its pretty easy to
garble your email address in such a way that a human can easily decipher it,
but the an automatic email harvester will have no good algorithm for
deciphering it. I use addresses such as: qed "-at-" pobox "-dot-" com
or qREMOeVEd@poCAPIbTOLox.cLEToTERSm. I believe I was the first
person on the USENET to use these techniques to encode my email address, and
the idea has since spread like wildfire.

If you need to provide links or a
method to contact you by email, then you should instead try to use an URL to
a specific email web page. The web page could then
use CGI (or even Java or Javascript) possibly in combination with a form to
hide your email address (depending on what web services you have available to
you.) As an example, you should study my set up. I have mail links on
almost all my pages all referring to an email page that uses precisely this
trick. Notice how my email address is in plain view on that page, but
impossible for a harvester to decipher. (My email address does not appear as
a piece of text, anywhere on my site.)

Do not sign up for services that
are likely to resell your sign up information (usually just your email
address) to email listing houses. Unfortunately, I found out about this the
hard way, and I signed up for too many services to be able to pin down who I
think the culprits are.

Attacking spammers

This is not for everyone, especially
if you don't have the time to do it.
Don't feel guilty about wanting to
stop spam, but not having the time or
resources to do it, as it only takes
a small percentage of competent people to
bring down spammers. I think
these recommendations are important however,
since spammers will not go
away on their own. There needs to be consequences
for their actions.
For those willing to put for the effort, I have a few
recommendations:

Respond to the spammer (Update:
this is a bad/useless idea. Go straight to the top, over their heads;
talking to them is a waste of time), as well as their postmaster, root
and those of all the hops for the email or news post that can be gleaned
from their email header with a cease and desist letter. Hopefully, the
system administrator for these spammer accounts will see fit to terminate
their account. (Responding on USENET is a silly idea, as everyone already
knows the spam is bad, and you are just adding to the wasted bandwidth;
limiting your responses to email is preferable.)

Unfortunately, there is a new
breed of email spammers out there that can not
only protect their own email
from ISP retribution, but from retribution from
the mail relay they use.
Clearly the mail back technique will not work against them. If you can
at least manage mail to their target, you should modify your sender address
to that of another spammer, pretending to be interested in their offering.
If there are spammers you want to annoy, you should accumulate their addresses
and send them each other's spam.
If they provide an (800) number dial
it up a few times, but don't make a sound. Every call costs them money;
and if everyone annoyed by them does it,
their phone bill will be enormous.

If you want to keep your email
address, you can "spoof" your own email address or, in fact, use an anonymous
remailer service.

The whole idea is to give them
responses that are useless to them and end up tying up their time and resources
in much the same way they are doing to you. As they are likely to be hit
by a lot of this (since they send out a lot!) hopefully this will help
deter them from doing this again (or at least avoiding you!)

Use
their own trick against them! Whenever you get a pair of spam emails
forge an email with one as the sender and the other as a receiver (in fact
I like to do a third address as the signature.) I put some generic nonsense
like: "Wow! That sounds like an opportunity I have to take advantage
of! Please send me as much information as you can, as soon as possible!".
That way they send further spam from each other. For the most aggressive
harvesters, they ought to put each other into multiple mailing lists which
will cause them as much grief as anyone else. (I should sit down and model
this mathematically; it seems like it should burden the spammers at an
exponentially growing rate as they pass their own addresses on to more and
more lists ... . This sounds absolutely delightful!)

Of course, if you just fake
the mail by playing games with your mail program's send and receive fields,
your header still will not be entirely clean, as the header will still reveal
your mail relay. To fake a message thoroughly requires a little
more work, but is not that challenging for a programmer that is familiar with
sockets and can read a few RFCs.

Some spammers will have autoresponders
from spam domains. What this means is
that if you email an address like
abuse@domain1.com it immediately sends
back some generic mail indicating
that they are not going to do anything about
the spam you have just received.
Now, if you find two such auto-responders
then spoofing some mail to make
it look like one auto-responder has sent mail
to another ... :o) (Thanks
to the reader that suggested this idea to me.)

Attack spammers as a form of
entertainment!

This comes from HotWired's `packet' site, at:

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Spam Libs

Bulk email spawns ingenious offensives from the masses

Do you remember Droodles? They're those simple
line drawings that look like nonsense until you read the captions. Droodles
were invented in the '60s by a humorist named Roger Price, an author probably
best known for his stinging critique of American society, The Great Roob
Revolution. I was lucky enough to get to know Roger before he died in 1990.
He had lots of great comics, books, and original art (from people like MAD
Magazine creator Harvey Kurtzman) lying around his Studio City, California,
home.

Beside Droodles, Roger also invented Mad Libs. You might remember these,
too. Mad Libs were little books with stories in them. But the stories had
several missing words, with instructions to insert verbs, nouns, and
adjectives in the blank spaces. The game was played at parties, where
one person asked the others to supply the missing words. Then the story
was read out loud and everybody laughed heartily at the result. (There
are dozens of Mad Lib knockoffs on the Web.)

Because spammers work their cons anonymously, hiding behind forged email
addresses and working out of PO boxes, our imaginations can run wild about
what they look like. My fantasy spammer is a rat-skinny, potbellied,
40-year-old with a greasy salt-and-pepper ponytail and beard. And he's
rat-smart: After being spammed with get-rich-on-the-Net messages, he
bought the lists containing millions of email addresses, and he bought
the DIY spam software, and now he's in business for himself, working from
the spare bedroom of his mother's house in a Las Vegas suburb. I'm
grateful to Roger and his Mad Libs for helping me come up with a fun spam
prank. It all started a couple of weeks ago when I received the following:

Do you drink bottled water?
Are you looking for a
discount? How about 4 cents
a gallon? With our high
quality water-filtration
systems, you can bottle
your own!! Email your name,
address, phone# & email
address to The Water Lady -
TheWaterLady@----.com

I copied this stupid message into my word processor,
and using the
search-and-replace function, swapped every occurrence of the
word "water"
with "urine," then sent the result to the Water Lady:

I received the following
advertisement and I'm
wondering if it is a joke?
Do you drink bottled urine?
Are you looking for a
discount? How about 4 cents
a gallon? With our high
quality urine-production
systems, you can bottle
your own!! Email your name,
address, phone# & email
address to The Urine Lady -
TheWaterLady@----.com

In a couple of hours, I got the following reply:

Dear Mark:
I don't know who may have
done this sh*t (sic) to the
message. Everywhere the
word < urine > is found was
originally < water >.
Please accept our
apologies. This is
somebody's idea of a joke!

Heh - it sure was. Pleased with myself, I sent the mutated mail to my
friends. They got in on the action, respamming the Mad-Libbed message back
to The Urine Lady. Someone even posted the message on
alt.sex.fetish.watersports, with the subject "GOLDEN BOTTLES!" The post
was forged to look as though it were sent by The Urine Lady herself.

That same day, I got a spam trying to sell me a copy of Floodgate
software, a notorious spamming program. I copied the spam to my word
processor and did a few swaps. I changed "Floodgate" to "The Pig Spittle
Drinkers' Toolkit," "email" to "slobber bottle," "program" to
"pig-drool-extraction device," and "software" to "salivary-gland
stimulator." Here's what I sent back to the spammer:

SPECIAL: Buy the latest
version of The Pig Spittle
Drinkers' Toolkit before
May 21st and receive a list
of 30 slobber-bottle
swappers who have millions
of slobber bottles to swap
with you as you build your
database.
HERE'S WHAT OTHER PIG
SPITTLE DRINKERS' TOOLKIT
USERS SAY.....
"The Pig Spittle Drinkers'
Toolkit is truly a dream
come true! By following the
instructions in the book, I
was able to develop a list
of 2,400 slobber bottle
addresses in less than one
hour. Furthermore, the
technical support is
outstanding. This
pig-drool-extraction device
will put me on a level
playing field with the big
boys. They don't teach this
stuff in business school!"
"This salivary-gland
stimulator works fantastic
- I'm so busy now I can't
keep up with the orders and
inquiries! Thanks!"
"I ordered the
pig-drool-extraction device
and haven't stopped running
with it since. With your
support, (at the drop of a
hat), with the finest
pig-drool-extraction device
ever released for public
use, I started my dream
business, a bulk
slobber-bottle business.
"If a 'dummy' like me can
use this salivary-gland
stimulator, anyone can!
Great tool!!!"
[snip]

Soon, my friends and I were mutating and resending
almost every spam we got. Most of the spammers wrote back saying they were
mystified and expressed dismay that anyone would want to hurt their wonderful
home-based business, apologized profusely, and promised that they'd get to
the bottom of the nefarious campaign to defame their good name.

This was our intent: to make them think that
someone had intercepted their spam and was ruining their good name with wacko
faux-spam. Only once did the spammer retaliate by flaming the messenger.
Here's the original spam that a friend received:

This is a great opportunity
for your business. How
would you like to get
200-300 responses per day
from your advertisement? At
Selective Marketing we make
it happen for your
business. Selective
Marketing is a bulk email
advertiseing (sic) company
that generates hundreds to
thousands of responses for
your business.
[snip]

Here is his reply to the spammer:

WHAT IS THE MEANING OF THIS
DISGUSTING SATANIC FILTH?
ALL FORTY-SIX MEMBERS OF
'CHRISTAIN VIRGINS AGAINST
INTERNET SEX' RECEIVD THIS
DISGUSTING PIECE OF HATE
MAIL AND I DEMAND THAT YOU
PROVIDE AN EXPLANATION! WE
ARE CONSULTING OUR LAWYERS
NOW TO SEE IF LEGAL ACTION
CAN BE TAKEN!
JOHNATHON JILLIAN DAVES
This is a great opportunity
for your penis. How would
you like to get 200-300
penises per day from your
penis? At Selective
Marketing we make it happen
for your penis. Selective
Marketing is a bulk penis
advertising company that
generates hundreds to
thousands of penises for
your penis.

The spammer sent 61 identical emails to my friend,
which read:

YOU WILL LEARN NOT TO FUCK WITH
ME YOU PIECE OF SHIT!!!!!!!!!

(My friend said it took him "all of 30 seconds" to save the messages in
a folder.)

If you want to play the Mad Lib Mutated Spam game,
here are some tips. (Remember, some of this stuff might get you in trouble
with the long tentacle of the law, so proceed at your own risk.)

Usually, spams do not contain valid email
addresses. But there are a couple of ways to get a real address. First, you
can look up the spammer's domain name on InterNIC's Whois database. That'll
yield a couple of email address you can use. The other way is to visit the
spammer's Web site, which is often listed in the spam. If it isn't,
just try typing the spammer's domain into your Web browser, and see if
anything pops up. As a last resort, you can fax or snailmail your
mutated message to the spammer, as they usually list their phone number
and mailing address in their desperate quest to get their sebum-coated
hands on your money.

If you have an AOL account, create a special
email address (you are allowed up to five different addresses per account).
I send most of my Mad-Libbed spams through an AOL address used exclusively
for antispamming. That way, if the spammer flips out and decides to mail
bomb you or forge your name on obscene Usenet postings, it won't
matter. This also works with Web-based anonymous email services like
HotMail.

If you're technically adept, you might want to
try "linking two spammers to each other," as another friend suggests. By
"sending mutated mail to other spammers," says my Mad Lib buddy, "maybe
they will start suspecting each other of mutual spam mutating, and spamming
will enter a new era of conspiracy and distrust."

If you get any especially good results from playing Mad Lib Mutated Spam,
please tell me about it!

[Mark Frauenfelder]

Send mail to Mark Frauenfelder at mark@wired.com

When I first read this, like many,
I laughed my ass off. Of course, there's nothing better than ridiculing
someone for spamming.

Make an antispam black list and
put it up on a web page. (see below.) Better yet, contribute to already
established spammer blacklists (this is preferable as it will help boost
the credibility of the list.)

Use your computer skills against
them. (Please note that some of the ideas below are illegal and I don't
specifically recommend them, but rather, I recognize that such practices
exist and only hope that they could be directed at something useful such
as stopping spammers.)

Are you a UNIX user? If so,
you should be able to set up cron jobs to forward accumulated spam messages
(or perhaps uuencoded encryptions of your core dump files) to spammer addresses
at regular intervals. Since most sites have traffic limits to avoid such
things, you will probably have to limit it to once every two hours or
so.

Are you a Windows application
programmer? How about learning MAPI and writing a good mail program with
a SPAM button? The idea would be that it could automatically take
care of responding to spam, filtering and hitting their ISPs all in the
background, without any time consuming user intervention. This would be
cool. I would be willing to pay for such a program if it were good and
had this one feature. (A UNIX
spam filtering scriptor called NoCeM has also been written.)

(Update: Ok, for mail
filtering,
the key will be to learn the POP3 protocol; its real simple don't worry:
look up RFC1939. For sending mail, again its very easy: look up RFC821.
These RFCs have been very esoterically written up. The easiest way to read
them is skip ahead to the commands sections, and try to play with it
interactively by hand with a telnet session.)

Do you know how to hack into
people sites? I ordinarily don't condone or recommend illegal
activities of any kind, but in the case of spammers I will definitely make an
exception. For example, if you could hack into their mailer to simply
not send out going mail, and fake receiving mail ... well I'm sure you could
dream up a lot of clever things you could do from there.

Do you know something about
writing viruses? One possibility is if the spammer is using a Microsoft
mail program (exchange or IE), you could hook into Active X by sending them
MIME with an attached virus. Or better yet, why not send them an
attached word doc with a word doc virus? Again, there are plenty of
possibilities here. (Again, its illegal, but I'll look the other way.)

Do you know how to forge
internet
packets? If you can identify a couple sites as spammer sites, I'm told
it is possible to send one a packet to make it look like it came from the
other site. The idea is to send a corrupt packet that each site
responds to the other site with a "resend the packet; something went wrong"
request. This gets the site just ping ponging a dead packet back and
forth. Do this enough times and the sites will eventually bog down
until they are not usable. (This is probably illegal too, but I would
be proud to know anyone who could pull this off.)

Ask your ISP to beef up their
rules to disallow abuse of internet services for the purposes of
solicitation.
The main thing an ISP should watch for is bulk emailing, and large email
cross posting. While an ISP may not want to limit such usage in any way,
it is much better that they do. Working out the upper limit of any
reasonable individual's posting, and mailing ought to be easy enough, so that
ordinary user's activities are not affected. Fundamentally it costs the ISP
to support email spammers originating from their machine, so its in their
best interest to do something about it. And ultimately, your rates for
that ISP will be tied to how much spam your ISP is supporting. It costs
them in money and in reputation. This is a bit of work, and I think that
simple tools such as bulk mail snooping (that is either snooped, or stopped
if it is not a listserv) should be used by the ISP. If you are an ISP,
I would ask that you consider the following augmentations of your rules
(or something along these lines:)

Rules for using our ISP service:

1) Do not send unsolicited email to anyone. Email
is a method of communication much like the telephone, and just as phone
telemarketing has serious laws limiting it, those laws also extend to use
of email. Similarly do not post off topic commercial or marketing materials
to USENET newsgroups. Engaging in
such activity will also damage our reputation.

2) Violators of this will be subject to arbitrary
removal of their account, but
retribution will not be limited to this:

a) Anyone who has been reported or detected as
spamming may have all activities originating or passing
through their account here subject to scan, trace and
auditing. The activities will be logged and used
as evidence in court if charges are deemed appropriate. If we
determine that you have accounts at other domains, we
will inform those service providers of your activities.

b) Anyone who has been deemed a spammer will
have the US postal service, the telephone company and
local law enforcement officials informed of who they are
and all profile information you gave us in order to
receive you current account with us. Your creditors will
also be informed of your activities.

c) If you are deemed a spammer, your name,
address and all information you gave us (possibly including social security
number) will be added to spammer black lists which will be on public
display and well known web sites, as well as being put on USENET cancelbot
lists.

d) No payments will be refunded for accounts
lost if you have been deemed a internet abuser. Such funds will be applied
against resource drain from potential mass mailings enacted by the abuser,
as well as compensatory damages for negative effects to our reputation as a
service provider.

e) Such abusers will not be informed when their
account is terminated. As the abusers actions may be in severe violation of the
law, the only further contact will be through the legal system, including
a court summons.

3) It is at our discretion that we will determine
if you are or are not an internet abuser. If we
believe you are a violator, we will not listen to
your side of the story. Decisions of this nature
are final and may not be overturned.

4) Any abuse reported to the postmaster will be
investigated by means of tracing and logging usage as
described above, as well as other standard methods
(such as email header backtracking and traceroutes.)
Our anti-abuse policy is an active one, in that we
seek out and are always trying to expose
offenders.

If you are an ISP provider
that provides email services, then make sure your mailer
does not blindly allow mail relaying. In testing email
servers of various ISPs, I found that (yeah, I've been
having some fun with these spammers) most are simply wide
open and will allow arbitrary mail to be sent on them. That
is, end users can configure your mail server to use another
ISP's mailer, and nothing will stop them. Anyhow, I did
find some ISP mailers which actually rejected my attempts to
retaliate against spammers! That's how I know its possible
to simply monitor the IP address at the mailer, and reject
unapproved sites from sending mail out of them.

The latest sendmail package
also has features for limiting spam abuse. It is available
at: www.sendmail.org

At this point I would like to
dedicate some space to commending the free email service BIGFOOT. They have a
large known spammer sites list which
they publicize and update. This is the kind of action we
need against spammers. Its not enough to hate them, we need
for the service entities on the Net to take action against
them. In the past I have received spam from BigFoot, but
this stepping up of their Anti-spam policy has reversed my
opinion of them completely. Please take note that this is
in contrast to hotmail and juno which claim to
have anti-spam policies, but do absolutely nothing about
it.

Update: These Bigfoot folks
are really a God-send. They have filed a lawsuit against
cyberpromotions and are asking for $1,000,000! Basically
the premise is that cyberpromo, was in some way using and
misrepresenting bigfoot as a conduit for their own spam
scams, and Bigfoot is simply seeking damages.

AOL, the much maligned,
lowbrow ISP, is taking steps to block spammers. The email
options on AOL allow you to block individual spammers as
well as entire domains from being able to send mail to you!
This is an excellent first step. Much like BigFoot, they've
started by being very typical spam targets by allowing
spammers to use "trial subscriptions" for free as their base
of operations. They've slowly but surely been taking steps
including taking cyberpromotion's Sanford Wallace to court
to prevent him from using the "trial subscriptions" in this
way.

I emphasize "slowly", because
only until recently (its 10/29/97 right now) AOL was
recommending that people respond to spam and ask to be
removed from spam lists. Its has been fairly well known for
at least a year now, that spammers do not honor these "don't
spam me" requests and use these responses as an email
address verification mechanism. Furthermore, their blocking
mechanisms are a functional subset of my own Pegasus mail filter which
is far more effective in blocking spam.

Take ordinary legal, and
consumer response actions.

Wayne Smith at "CTS" responded
to a magazine article about spamming with the following
great suggestions (but they take some motivation to do
them):

Always fight back !! Something
that I do:

Any EMAIL mentioning ANY
Postal ZIP code. I make (2) copies to paper, for
every ZIP code mentioned. Send one to the postmaster@ZIP.
Attn: Fraud Division. I attach to it a form letter
to have them check this out as I consider this to be
illegal use of the USPS. I indicate in the letter that I
would like written conformation of receipt of the
complaint. File the other.

Two weeks later, (if no
action) call the postmaster@ZIP and ask for written
status on your complaint. Indicate that you or you
lawyer will call from time to time unless you get
written conformation of the progress of your
complaint. All have written to keep me informed of
their progress. The FEDS carry a big stick, and
they use it. I have, to date, received notice of 12
taken to court.

Any unwanted PHONE
contacts: BEFORE they have a chance to say anything I ask
for their name and phone number. (I also have Caller ID).
I tell then in no uncertain terms:

I speak to NO ONE without this information

To remove my name from their phone lists.

Oh BTW, I buy NOTHING over the phone.

When I order ANYTHING from
a catalogue or over the phone, I don't use my real
name. I change the middle initial to A-Z in sequence. Keep
track of purchases, initials used and company
contacts. If in the future I get Junk mail addressed
to Wayne P Smith and my records show that I used P for my
last contact with XYZ company. Then XYZ gets a nasty
call from me.. I always tell these folks NOT to SELL
my name.

For Junk EMAIL: I first try
to decode the header using SPADE.EXE. That Provider
is added to a list of ABUSE@Provider.com in my address
book. Forward it, along with a message that you
consider this to be UCE, to that whole list.

Reporting Fraud

If you believe you have been the
victim of fraud through the internet, or been approached with a
fraudulent proposal, don't hesitate to turn them in. At least
Fraud is something the authorities know how to deal with and
will put some effort into cracking down upon. Check out
the Anti-Fraud web
page for the phone number you should call to report
it.

Finally, I just want to inform everyone
that I am working on my own solution. The ideal would be a piece of
software that you could feed spam email to, and it would send a response
in a way that not only reduces the amount of spam you receive, but that
which others receive from those that have offended you. (No, its not a
simple mail bomb; its a little more insidious than that.) Do not email
me requesting information, as I am still working on my solution. If you
have some good ideas, however, I wouldn't mind entertaining the idea of
a collaboration.

I am not available as a consultant for
such a service, but would much rather work with other programmers like
me who just want to put an end to spamming; for example, I would suggest
offering the end products in source form so that
anyone including commercial developers could just take it and run
with it. But I am open to suggestions.

(Sanford Wallace is the president of
CyberPromotions, and is periodically kicked off of any ISP he
signs up with because of the volume of hate mail responses
directed at him and the ISP because of the spam he generates.)

Juno.com

As you can see from the above, the juno.com site seems to be a popular
source of spam. When I tried to complain to the postmaster at their site, they
responded very politely and professional claiming that they were intent on
rooting out the perpetrator and would not tolerate spam emanating from their
site. They then responded that the source was forged and that the real
perpetrator originated somewhere on att.net (one of the hops) and that I
should take my complaint there (which I did, but give me a break sending email
to the postmaster at AT&T? There's an electronic black hole if ever
there was one.) In a few days I received more email from that same forged
email address, implying that the perpetrator could still do their scam based
on that address, so I was not sure what to do. I then learned of the other
juno.com perpetrators above and did a quick scan of www.juno.com
and decided that filtering out all juno.com traffic sent to me was the
right thing to do. Unless you have good reason to believe that
juno.com is not itself to blame, I suggest you do the same.

Update: Juno has filed suit against:
Strippers Inc, INS knoxville, Phoenix Interactive, Global Information
Services, Scott Allen Exports Sales, asking for an injunction and $1
Million in restitution for loss of reputation and trademark
infringement. Finally! ISPs are getting the message: (1) People
hate spam, (2) You are labeled a spammer, even if other people are
impersonating your ISP, (3) Providing free email provides a haven for
spammers, and makes essentially just as bad as the spammers themselves,
(4) The only solution for free email services is to actively attack
spammers.

I will be taking a wait an see attitude towards juno, since they still rank
among the highest spam sources. I will have to see evidence that they are
really clamping down on spammers in an effective manner before I disable my
filter against them.

Further Update: I have since received a trickle of legitimate mail from
juno. So I looked over my filter and found a way to filter out all the spam I
have ever received from juno in ways other than the fact that it is from juno.
While juno is still a big spam conduit, I don't need to filter them directly
to filter out all the spam coming from them.

FloodGate

I got spam from the folks who make this product. This product is in fact a
Windows based tool for harvesting email addresses from USENET or other text
sources such as web pages, so beware. Unfortunately for me, I seem to already
be on a bunch of lists, but otherwise my set up seems appropriate to counter
acting this software product. Not surprisingly, they did not supply a valid
email address to which to respond to, but rather just a snail mail address
which they expected me to send a check to for their product. If you want to
avoid this spam filter out: "Bulk Emailing" and "joey@xxxdoe.net".

BTW, I have verified that a fair amount of my
spam actually came from this program, specifically, "Floodgate Pro 5.0". If
someone felt like writing a virus that attacked this program, I would look the
other way, and secretly praise and worship you forever. :o)

Ready Aim Fire

Like Floodgate, these guys,
Microsyssolutions, are basically writing a bulk email program that
looks like it is making way too easy and convenient with all their features.
Their web site is http://microsyssolutions.com/ and as always, I will
silently cheer on any hacker that manages to take down this page/site.

savetrees.com

These folks are true scum bag. The
only thing that keeps me from hating these guys completely, is that I've
never read through any single piece of spam email from these guys. They
don't get their point across quickly, but they do convince me that they
are spammers quickly, so they are an easy one to filter.

Update: These guys indeed were
affiliated with cyberpromotions, and with the demise of cyberpromotions,
so falls this spam house.

Earthlink.net

Like the juno.com people, I don't
have hard evidence that they are a spam site, but the only mail I have received
from that site is junk email, so I've decided that filtering them out is
far more likely to be a good thing, than a bad thing. This is the first
site which was successfully screened by mere filtering alone.

Update: I picked up the following
quote of the USENET recently:

"Finally! And all through the value
chain of this medium you have amazing savings over traditional analog media.
You don't have to kill trees to send somebody junk mail."

Sky Dayton, CEO EarthlinkMicroTimes March 5, 1997 #162 pg.100

New Update:

It appears as though there are some legitimate
users of earthlink.com. They appear to be mostly at the level of the early
aol users. I have also, since, received more spam from earthlinkers (I have
not yet received legitimate mail from earthlink.) So, unless sufficiently
compelled, I will leave my filters in an anti-Earthlink mode.

Further Update:

I have since received a ton of spam
from people on earthlink. Sorry, my spam filter stays in place, intact
against earthlink.

Final Update:

Earthlink has now joined the ranks of
AOL and Bigfoot in a campaign against spam. They won a $2 million settlement
again cyberpromotions as well as getting an apology from the CEO Sanford
Wallace (the "Spam King".) Wallace said that this effectively puts him
out of business ... for now.

Like juno above, I have looked over
my spam archive and redesigned my filter to trap all spam I have ever received
from earthlink while not filtering out all earthlink traffic itself.

Hotmail.com

I have second hand information that this is another favorite site for spam
perpetrators. As I have not seen the evidence first hand, I have not yet
filtered them out, however I will upon first receipt of spam from them. These
sorts of "free email" services can be especially deadly with respect to spam
since they might be set up to monitor any email coming in and out of their
site (as a method for harvesting email addresses) regardless of how legitimate
or innocent a given user of their service is. Not only are you spammed, but
email privacy is threatened!

Update: I was hit by spam from an hotmail.com user. This is the only
form of mail I have ever received from the hotmail.com site, i.e., I've never
received legitimate mail from their site. Combine that with what I've heard
and that's it; I have filtered them out. (Update to the update: I was hit
again by a hotmail spammer; there is no longer the least bit of doubt or regret
in filtering them out, and I am happy to say, I have not read the actual
contents of any spam sent to me via hotmail.)

Further Update: I have recently been told that hotmail policy is to not
tolerate spamming and that spam should be forwarded to abuse@hotmail.com. Ok,
so I've set up a filter to forward all mail from hotmail to be sent there.
(I.e., I still believe them to be nothing but a bunch of spammers, might as
well make them pay for it.)

Latest Update: hotmail.com has now gotten to be so bad that it is second
only to nevwest.com in the volume of spam which contains it in their headers.
It should be noted that aol, bigfoot, rocketmail, and prodigy all have
significantly less spam with their telltale domain address. Hotmail.com is to
be noted as one of the only free/trial email service providers that has taken
absolutely no action against spammers. If you have made the mistake of getting
yourself one of these accounts, I implore you to get rid of it and switch to
one of the many other free email services.

Another Update: I have redesigned my filter to trap all the spam I have
ever received from hotmail without trapping hotmail itself. Given that it is
owned by Microsoft which has shown several signs of their intent to spam, but
at the same time Bill Gates has come out against spam. I simply don't trust
Microsoft to do the right thing. I am ready to reinstate my anti-hotmail
filter, as soon as I have confirmation that Microsoft endorses spam.

Surplus Direct

These guys have targeted geocities mail accounts. I am not sure whether
geocities is to blame or its just limited to surplus direct, but I don't have
a geocities email account so I just don't know. Anyway, it appears as though
they are taking advantage of the receive only header filtered email that many
geocitizens are limited to.

I had an URL that had all sorts of details about the nature of the SPAM and a
call to action which included a boycott of certain products. Unfortunately, geocities has seen fit to remove that site, so their involvement
is not clear. Unfortunately, as I was not hit by the SPAM, and as I didn't
study the nature of the boycott, and I don't know the circumstances under which
the site was deleted (geocities periodically suffers from these kinds of
glitches; I have an entire mirror of my site on my hard disk just in case) I cannot make a definitive judgment. However, I would be greatly disappointed if geocities did not take a stiffer stance on SPAM, since I've very happily made my cyber home here.

The deleted site was http://www.geocities.com/SiliconValley/Lakes/5397/ it is slowly being recovered, but the critical boycott.html page is missing.

CyberPromo

Of course, the biggest distributors of
spam on earth. You know what pisses me off most about these
a**h*l*s? Using my tactics I actually stayed off their lists for
over 6 months! But somehow, I recently got added onto
them.

Update: After losing numerous
court battles, culminating in a $2 million settlement with
Earthlink, it appears as though cyberpromo is dead. We can
only pray it is never resurrected.

Software Spam

There is another kind of spam that people
are getting really annoyed about: software spam. That is, you
install or use a product, and for some reason it proceeds to bug you with
advertisements when it loads or when you use it.

These are not nearly annoying as email
spam (by simple virtue of volume) but as I have become better at taming spam
(mostly by my extremely effective filter) I have been getting delusions of
grandeur. :o) I hate spam, so here are some common
commercial spam annoyances as well as some work arounds I've
developed.

Geocities has now decided to use all
their free client's pages as forms of advertising that go beyond their
original intention.

What geocities is doing is for any
web page where a certain banner is not advertised, some javascript code has
been appended to the page launching another buttonless browser window with an
advertisement in it.

Many people complained about this for
various reasons (namely that it would increase the likelihood of crashing
people's systems, since running two instances of Netscape or IE is quite a
stressful thing for poor old Windows, or MacOS to handle.) Despite this,
Geocities went ahead with it.

Now, geocities is a commercial
venture, and they have the right to do this considering they are the
proprietors and they have to make money off this somehow. But frankly,
it just was far too annoying for me. I have far too many web
pages that I would have to edit with their banner, and it would change
the content from what people were expecting to see on my own web pages
here. (My pages are linked by over 300 other sites according to AltaVista.)
Here is a work around for this:

At the bottom of my web pages, I now
put <NOSCRIPT>. This nullifies any Javascript appearing after
it. This was not my idea, but rather that of the Snicker Page.

Installing the new netscape navigator
installs "AOL Instant Messenger" which comes up on every boot whether you
want it there or not (perhaps there was an install option to keep it from
turning off, but once installed, it was not obvious how to uninstall this
AIM crap.)

Well it turns out that the program aim.exe was being run on boot as specified in the registry key: